linuxdebug/tools/testing/selftests/net/forwarding/router.sh

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0

# +--------------------+                     +----------------------+
# | H1                 |                     |                   H2 |
# |                    |                     |                      |
# |              $h1 + |                     | + $h2                |
# |     192.0.2.2/24 | |                     | | 198.51.100.2/24    |
# | 2001:db8:1::2/64 | |                     | | 2001:db8:2::2/64   |
# |                  | |                     | |                    |
# +------------------|-+                     +-|--------------------+
#                    |                         |
# +------------------|-------------------------|--------------------+
# | SW               |                         |                    |
# |                  |                         |                    |
# |             $rp1 +                         + $rp2               |
# |     192.0.2.1/24                             198.51.100.1/24    |
# | 2001:db8:1::1/64                             2001:db8:2::1/64   |
# |                                                                 |
# +-----------------------------------------------------------------+

ALL_TESTS="
	ping_ipv4
	ping_ipv6
	sip_in_class_e
	mc_mac_mismatch
	ipv4_sip_equal_dip
	ipv6_sip_equal_dip
	ipv4_dip_link_local
"

NUM_NETIFS=4
source lib.sh
source tc_common.sh

require_command $MCD
require_command $MC_CLI
table_name=selftests

h1_create()
{
	vrf_create "vrf-h1"
	ip link set dev $h1 master vrf-h1

	ip link set dev vrf-h1 up
	ip link set dev $h1 up

	ip address add 192.0.2.2/24 dev $h1
	ip address add 2001:db8:1::2/64 dev $h1

	ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1
	ip route add 2001:db8:2::/64 vrf vrf-h1 nexthop via 2001:db8:1::1
}

h1_destroy()
{
	ip route del 2001:db8:2::/64 vrf vrf-h1
	ip route del 198.51.100.0/24 vrf vrf-h1

	ip address del 2001:db8:1::2/64 dev $h1
	ip address del 192.0.2.2/24 dev $h1

	ip link set dev $h1 down
	vrf_destroy "vrf-h1"
}

h2_create()
{
	vrf_create "vrf-h2"
	ip link set dev $h2 master vrf-h2

	ip link set dev vrf-h2 up
	ip link set dev $h2 up

	ip address add 198.51.100.2/24 dev $h2
	ip address add 2001:db8:2::2/64 dev $h2

	ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1
	ip route add 2001:db8:1::/64 vrf vrf-h2 nexthop via 2001:db8:2::1
}

h2_destroy()
{
	ip route del 2001:db8:1::/64 vrf vrf-h2
	ip route del 192.0.2.0/24 vrf vrf-h2

	ip address del 2001:db8:2::2/64 dev $h2
	ip address del 198.51.100.2/24 dev $h2

	ip link set dev $h2 down
	vrf_destroy "vrf-h2"
}

router_create()
{
	ip link set dev $rp1 up
	ip link set dev $rp2 up

	tc qdisc add dev $rp2 clsact

	ip address add 192.0.2.1/24 dev $rp1
	ip address add 2001:db8:1::1/64 dev $rp1

	ip address add 198.51.100.1/24 dev $rp2
	ip address add 2001:db8:2::1/64 dev $rp2
}

router_destroy()
{
	ip address del 2001:db8:2::1/64 dev $rp2
	ip address del 198.51.100.1/24 dev $rp2

	ip address del 2001:db8:1::1/64 dev $rp1
	ip address del 192.0.2.1/24 dev $rp1

	tc qdisc del dev $rp2 clsact

	ip link set dev $rp2 down
	ip link set dev $rp1 down
}

start_mcd()
{
	SMCROUTEDIR="$(mktemp -d)"

	for ((i = 1; i <= $NUM_NETIFS; ++i)); do
		echo "phyint ${NETIFS[p$i]} enable" >> \
			$SMCROUTEDIR/$table_name.conf
	done

	$MCD -N -I $table_name -f $SMCROUTEDIR/$table_name.conf \
		-P $SMCROUTEDIR/$table_name.pid
}

kill_mcd()
{
	pkill $MCD
	rm -rf $SMCROUTEDIR
}

setup_prepare()
{
	h1=${NETIFS[p1]}
	rp1=${NETIFS[p2]}

	rp2=${NETIFS[p3]}
	h2=${NETIFS[p4]}

	rp1mac=$(mac_get $rp1)

	start_mcd

	vrf_prepare

	h1_create
	h2_create

	router_create

	forwarding_enable
}

cleanup()
{
	pre_cleanup

	forwarding_restore

	router_destroy

	h2_destroy
	h1_destroy

	vrf_cleanup

	kill_mcd
}

ping_ipv4()
{
	ping_test $h1 198.51.100.2
}

ping_ipv6()
{
	ping6_test $h1 2001:db8:2::2
}

sip_in_class_e()
{
	RET=0

	# Disable rpfilter to prevent packets to be dropped because of it.
	sysctl_set net.ipv4.conf.all.rp_filter 0
	sysctl_set net.ipv4.conf.$rp1.rp_filter 0

	tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
		flower src_ip 240.0.0.1 ip_proto udp action pass

	$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
		-A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q

	tc_check_packets "dev $rp2 egress" 101 5
	check_err $? "Packets were dropped"

	log_test "Source IP in class E"

	tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
	sysctl_restore net.ipv4.conf.$rp1.rp_filter
	sysctl_restore net.ipv4.conf.all.rp_filter
}

create_mcast_sg()
{
	local if_name=$1; shift
	local s_addr=$1; shift
	local mcast=$1; shift
	local dest_ifs=${@}

	$MC_CLI -I $table_name add $if_name $s_addr $mcast $dest_ifs
}

delete_mcast_sg()
{
	local if_name=$1; shift
	local s_addr=$1; shift
	local mcast=$1; shift
	local dest_ifs=${@}

	$MC_CLI -I $table_name remove $if_name $s_addr $mcast $dest_ifs
}

__mc_mac_mismatch()
{
	local desc=$1; shift
	local proto=$1; shift
	local sip=$1; shift
	local dip=$1; shift
	local flags=${1:-""}; shift
	local dmac=01:02:03:04:05:06

	RET=0

	tc filter add dev $rp2 egress protocol $proto pref 1 handle 101 \
		flower dst_ip $dip action pass

	create_mcast_sg $rp1 $sip $dip $rp2

	$MZ $flags $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $dmac \
		-B $dip -q

	tc_check_packets "dev $rp2 egress" 101 5
	check_err $? "Packets were dropped"

	log_test "Multicast MAC mismatch: $desc"

	delete_mcast_sg $rp1 $sip $dip $rp2
	tc filter del dev $rp2 egress protocol $proto pref 1 handle 101 flower
}

mc_mac_mismatch()
{
	__mc_mac_mismatch "IPv4" "ip" 192.0.2.2 225.1.2.3
	__mc_mac_mismatch "IPv6" "ipv6" 2001:db8:1::2 ff0e::3 "-6"
}

ipv4_sip_equal_dip()
{
	RET=0

	# Disable rpfilter to prevent packets to be dropped because of it.
	sysctl_set net.ipv4.conf.all.rp_filter 0
	sysctl_set net.ipv4.conf.$rp1.rp_filter 0

	tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
		flower src_ip 198.51.100.2  action pass

	$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
		-A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q

	tc_check_packets "dev $rp2 egress" 101 5
	check_err $? "Packets were dropped"

	log_test "Source IP is equal to destination IP: IPv4"

	tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
	sysctl_restore net.ipv4.conf.$rp1.rp_filter
	sysctl_restore net.ipv4.conf.all.rp_filter
}

ipv6_sip_equal_dip()
{
	RET=0

	tc filter add dev $rp2 egress protocol ipv6 pref 1 handle 101 \
		flower src_ip 2001:db8:2::2 action pass

	$MZ -6 $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \
		-A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q

	tc_check_packets "dev $rp2 egress" 101 5
	check_err $? "Packets were dropped"

	log_test "Source IP is equal to destination IP: IPv6"

	tc filter del dev $rp2 egress protocol ipv6 pref 1 handle 101 flower
}

ipv4_dip_link_local()
{
	local dip=169.254.1.1

	RET=0

	tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \
		flower dst_ip $dip action pass

	ip neigh add 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2
	ip route add 169.254.1.0/24 dev $rp2

	$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $rp1mac -B $dip -q

	tc_check_packets "dev $rp2 egress" 101 5
	check_err $? "Packets were dropped"

	log_test "IPv4 destination IP is link-local"

	ip route del 169.254.1.0/24 dev $rp2
	ip neigh del 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2
	tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower
}

trap cleanup EXIT

setup_prepare
setup_wait

tests_run

exit $EXIT_STATUS
null pointer error 2024-07-16 15:50:57 +02:00			`#!/bin/bash`
			`# SPDX-License-Identifier: GPL-2.0`

			`# +--------------------+ +----------------------+`
			`# \| H1 \| \| H2 \|`
			`# \| \| \| \|`
			`# \| $h1 + \| \| + $h2 \|`
			`# \| 192.0.2.2/24 \| \| \| \| 198.51.100.2/24 \|`
			`# \| 2001:db8:1::2/64 \| \| \| \| 2001:db8:2::2/64 \|`
			`# \| \| \| \| \| \|`
			`# +------------------\|-+ +-\|--------------------+`
			`# \| \|`
			`# +------------------\|-------------------------\|--------------------+`
			`# \| SW \| \| \|`
			`# \| \| \| \|`
			`# \| $rp1 + + $rp2 \|`
			`# \| 192.0.2.1/24 198.51.100.1/24 \|`
			`# \| 2001:db8:1::1/64 2001:db8:2::1/64 \|`
			`# \| \|`
			`# +-----------------------------------------------------------------+`

			`ALL_TESTS="`
			`ping_ipv4`
			`ping_ipv6`
			`sip_in_class_e`
			`mc_mac_mismatch`
			`ipv4_sip_equal_dip`
			`ipv6_sip_equal_dip`
			`ipv4_dip_link_local`
			`"`

			`NUM_NETIFS=4`
			`source lib.sh`
			`source tc_common.sh`

			`require_command $MCD`
			`require_command $MC_CLI`
			`table_name=selftests`

			`h1_create()`
			`{`
			`vrf_create "vrf-h1"`
			`ip link set dev $h1 master vrf-h1`

			`ip link set dev vrf-h1 up`
			`ip link set dev $h1 up`

			`ip address add 192.0.2.2/24 dev $h1`
			`ip address add 2001:db8:1::2/64 dev $h1`

			`ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1`
			`ip route add 2001:db8:2::/64 vrf vrf-h1 nexthop via 2001:db8:1::1`
			`}`

			`h1_destroy()`
			`{`
			`ip route del 2001:db8:2::/64 vrf vrf-h1`
			`ip route del 198.51.100.0/24 vrf vrf-h1`

			`ip address del 2001:db8:1::2/64 dev $h1`
			`ip address del 192.0.2.2/24 dev $h1`

			`ip link set dev $h1 down`
			`vrf_destroy "vrf-h1"`
			`}`

			`h2_create()`
			`{`
			`vrf_create "vrf-h2"`
			`ip link set dev $h2 master vrf-h2`

			`ip link set dev vrf-h2 up`
			`ip link set dev $h2 up`

			`ip address add 198.51.100.2/24 dev $h2`
			`ip address add 2001:db8:2::2/64 dev $h2`

			`ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1`
			`ip route add 2001:db8:1::/64 vrf vrf-h2 nexthop via 2001:db8:2::1`
			`}`

			`h2_destroy()`
			`{`
			`ip route del 2001:db8:1::/64 vrf vrf-h2`
			`ip route del 192.0.2.0/24 vrf vrf-h2`

			`ip address del 2001:db8:2::2/64 dev $h2`
			`ip address del 198.51.100.2/24 dev $h2`

			`ip link set dev $h2 down`
			`vrf_destroy "vrf-h2"`
			`}`

			`router_create()`
			`{`
			`ip link set dev $rp1 up`
			`ip link set dev $rp2 up`

			`tc qdisc add dev $rp2 clsact`

			`ip address add 192.0.2.1/24 dev $rp1`
			`ip address add 2001:db8:1::1/64 dev $rp1`

			`ip address add 198.51.100.1/24 dev $rp2`
			`ip address add 2001:db8:2::1/64 dev $rp2`
			`}`

			`router_destroy()`
			`{`
			`ip address del 2001:db8:2::1/64 dev $rp2`
			`ip address del 198.51.100.1/24 dev $rp2`

			`ip address del 2001:db8:1::1/64 dev $rp1`
			`ip address del 192.0.2.1/24 dev $rp1`

			`tc qdisc del dev $rp2 clsact`

			`ip link set dev $rp2 down`
			`ip link set dev $rp1 down`
			`}`

			`start_mcd()`
			`{`
			`SMCROUTEDIR="$(mktemp -d)"`

			`for ((i = 1; i <= $NUM_NETIFS; ++i)); do`
			`echo "phyint ${NETIFS[p$i]} enable" >> \`
			`$SMCROUTEDIR/$table_name.conf`
			`done`

			`$MCD -N -I $table_name -f $SMCROUTEDIR/$table_name.conf \`
			`-P $SMCROUTEDIR/$table_name.pid`
			`}`

			`kill_mcd()`
			`{`
			`pkill $MCD`
			`rm -rf $SMCROUTEDIR`
			`}`

			`setup_prepare()`
			`{`
			`h1=${NETIFS[p1]}`
			`rp1=${NETIFS[p2]}`

			`rp2=${NETIFS[p3]}`
			`h2=${NETIFS[p4]}`

			`rp1mac=$(mac_get $rp1)`

			`start_mcd`

			`vrf_prepare`

			`h1_create`
			`h2_create`

			`router_create`

			`forwarding_enable`
			`}`

			`cleanup()`
			`{`
			`pre_cleanup`

			`forwarding_restore`

			`router_destroy`

			`h2_destroy`
			`h1_destroy`

			`vrf_cleanup`

			`kill_mcd`
			`}`

			`ping_ipv4()`
			`{`
			`ping_test $h1 198.51.100.2`
			`}`

			`ping_ipv6()`
			`{`
			`ping6_test $h1 2001:db8:2::2`
			`}`

			`sip_in_class_e()`
			`{`
			`RET=0`

			`# Disable rpfilter to prevent packets to be dropped because of it.`
			`sysctl_set net.ipv4.conf.all.rp_filter 0`
			`sysctl_set net.ipv4.conf.$rp1.rp_filter 0`

			`tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \`
			`flower src_ip 240.0.0.1 ip_proto udp action pass`

			`$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \`
			`-A 240.0.0.1 -b $rp1mac -B 198.51.100.2 -q`

			`tc_check_packets "dev $rp2 egress" 101 5`
			`check_err $? "Packets were dropped"`

			`log_test "Source IP in class E"`

			`tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower`
			`sysctl_restore net.ipv4.conf.$rp1.rp_filter`
			`sysctl_restore net.ipv4.conf.all.rp_filter`
			`}`

			`create_mcast_sg()`
			`{`
			`local if_name=$1; shift`
			`local s_addr=$1; shift`
			`local mcast=$1; shift`
			`local dest_ifs=${@}`

			`$MC_CLI -I $table_name add $if_name $s_addr $mcast $dest_ifs`
			`}`

			`delete_mcast_sg()`
			`{`
			`local if_name=$1; shift`
			`local s_addr=$1; shift`
			`local mcast=$1; shift`
			`local dest_ifs=${@}`

			`$MC_CLI -I $table_name remove $if_name $s_addr $mcast $dest_ifs`
			`}`

			`__mc_mac_mismatch()`
			`{`
			`local desc=$1; shift`
			`local proto=$1; shift`
			`local sip=$1; shift`
			`local dip=$1; shift`
			`local flags=${1:-""}; shift`
			`local dmac=01:02:03:04:05:06`

			`RET=0`

			`tc filter add dev $rp2 egress protocol $proto pref 1 handle 101 \`
			`flower dst_ip $dip action pass`

			`create_mcast_sg $rp1 $sip $dip $rp2`

			`$MZ $flags $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $dmac \`
			`-B $dip -q`

			`tc_check_packets "dev $rp2 egress" 101 5`
			`check_err $? "Packets were dropped"`

			`log_test "Multicast MAC mismatch: $desc"`

			`delete_mcast_sg $rp1 $sip $dip $rp2`
			`tc filter del dev $rp2 egress protocol $proto pref 1 handle 101 flower`
			`}`

			`mc_mac_mismatch()`
			`{`
			`__mc_mac_mismatch "IPv4" "ip" 192.0.2.2 225.1.2.3`
			`__mc_mac_mismatch "IPv6" "ipv6" 2001:db8:1::2 ff0e::3 "-6"`
			`}`

			`ipv4_sip_equal_dip()`
			`{`
			`RET=0`

			`# Disable rpfilter to prevent packets to be dropped because of it.`
			`sysctl_set net.ipv4.conf.all.rp_filter 0`
			`sysctl_set net.ipv4.conf.$rp1.rp_filter 0`

			`tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \`
			`flower src_ip 198.51.100.2 action pass`

			`$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \`
			`-A 198.51.100.2 -b $rp1mac -B 198.51.100.2 -q`

			`tc_check_packets "dev $rp2 egress" 101 5`
			`check_err $? "Packets were dropped"`

			`log_test "Source IP is equal to destination IP: IPv4"`

			`tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower`
			`sysctl_restore net.ipv4.conf.$rp1.rp_filter`
			`sysctl_restore net.ipv4.conf.all.rp_filter`
			`}`

			`ipv6_sip_equal_dip()`
			`{`
			`RET=0`

			`tc filter add dev $rp2 egress protocol ipv6 pref 1 handle 101 \`
			`flower src_ip 2001:db8:2::2 action pass`

			`$MZ -6 $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec \`
			`-A 2001:db8:2::2 -b $rp1mac -B 2001:db8:2::2 -q`

			`tc_check_packets "dev $rp2 egress" 101 5`
			`check_err $? "Packets were dropped"`

			`log_test "Source IP is equal to destination IP: IPv6"`

			`tc filter del dev $rp2 egress protocol ipv6 pref 1 handle 101 flower`
			`}`

			`ipv4_dip_link_local()`
			`{`
			`local dip=169.254.1.1`

			`RET=0`

			`tc filter add dev $rp2 egress protocol ip pref 1 handle 101 \`
			`flower dst_ip $dip action pass`

			`ip neigh add 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2`
			`ip route add 169.254.1.0/24 dev $rp2`

			`$MZ $h1 -t udp "sp=54321,dp=12345" -c 5 -d 1msec -b $rp1mac -B $dip -q`

			`tc_check_packets "dev $rp2 egress" 101 5`
			`check_err $? "Packets were dropped"`

			`log_test "IPv4 destination IP is link-local"`

			`ip route del 169.254.1.0/24 dev $rp2`
			`ip neigh del 169.254.1.1 lladdr 00:11:22:33:44:55 dev $rp2`
			`tc filter del dev $rp2 egress protocol ip pref 1 handle 101 flower`
			`}`

			`trap cleanup EXIT`

			`setup_prepare`
			`setup_wait`

			`tests_run`

			`exit $EXIT_STATUS`